VYPR
Unrated severityNVD Advisory· Published Aug 25, 2012· Updated Jun 16, 2026

CVE-2012-3501

CVE-2012-3501

Description

The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cause a denial of service (daemon crash) via a URL with certain characters, as demonstrated using %0D or %0A.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • Darold/Squidclamav15 versions
    cpe:2.3:a:darold:squidclamav:5.0:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:darold:squidclamav:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:darold:squidclamav:6.6:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.